diff --git a/hosts/dunamis/boot/loader.nix b/hosts/dunamis/boot/loader.nix deleted file mode 100644 index 7c6c12c..0000000 --- a/hosts/dunamis/boot/loader.nix +++ /dev/null @@ -1,15 +0,0 @@ -{config, ...}: { - boot = { - lanzaboote = { - enable = true; - pkiBundle = "/var/lib/sbctl"; - }; - loader = { - efi.canTouchEfiVariables = true; - systemd-boot = { - enable = !config.boot.lanzaboote.enable; - consoleMode = "auto"; - }; - }; - }; -} diff --git a/hosts/dunamis/configuration.nix b/hosts/dunamis/configuration.nix index 78593fe..d71b2cf 100644 --- a/hosts/dunamis/configuration.nix +++ b/hosts/dunamis/configuration.nix @@ -1,34 +1,35 @@ {inputs, ...}: { imports = with inputs; [ + self.nixosModules.config self.nixosModules.desktop self.nixosModules.system - ./boot ./disko - ./hardware ./minecraft.nix - ./networking - ./nix - ./programs.nix - ./services.nix - ./sops.nix - ./users.nix ]; - desktop.niri.enable = true; + networking = { + hostId = "c7f6c4a1"; + hostName = "dunamis"; + }; + environment.memoryAllocator.provider = "mimalloc"; - locale.ukrainian.enable = true; + system.stateVersion = "25.05"; + time.timeZone = "Europe/Kyiv"; + + desktop.niri.enable = true; + + module.config = { + secureBoot = true; + tpmDiskUnlock = true; + }; module.stylix = { enable = true; theme = "helios"; }; + + locale.ukrainian.enable = true; opentabletdriver.enable = false; qmk-vial.enable = true; security.basic.enable = true; - system.stateVersion = "25.05"; - time.timeZone = "Europe/Kyiv"; virtual.libvirt.enable = true; - wireless = { - bluetooth.enable = true; - bluetooth.enableBlueman = false; - }; } diff --git a/hosts/dunamis/hardware/vaapi/intel-media-driver.nix b/hosts/dunamis/hardware/vaapi/intel-media-driver.nix deleted file mode 100644 index de3af0f..0000000 --- a/hosts/dunamis/hardware/vaapi/intel-media-driver.nix +++ /dev/null @@ -1,7 +0,0 @@ -{pkgs, ...}: { - hardware.graphics.extraPackages = with pkgs; [ - intel-compute-runtime - intel-media-driver - vpl-gpu-rt - ]; -} diff --git a/hosts/dunamis/networking/host-name-id.nix b/hosts/dunamis/networking/host-name-id.nix deleted file mode 100644 index d6b3777..0000000 --- a/hosts/dunamis/networking/host-name-id.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - networking = { - hostId = "c7f6c4a1"; - hostName = "dunamis"; - }; -} diff --git a/hosts/dunamis/networking/network-manager.nix b/hosts/dunamis/networking/network-manager.nix deleted file mode 100644 index cfcade4..0000000 --- a/hosts/dunamis/networking/network-manager.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - networking.networkmanager = { - enable = true; - ethernet.macAddress = "stable"; - }; - }; -} diff --git a/hosts/dunamis/nix/common.nix b/hosts/dunamis/nix/common.nix deleted file mode 100644 index b435541..0000000 --- a/hosts/dunamis/nix/common.nix +++ /dev/null @@ -1,11 +0,0 @@ -{pkgs, ...}: { - nix = { - package = pkgs.lixPackageSets.latest.lix; - channel.enable = false; - daemonCPUSchedPolicy = "idle"; - settings = { - experimental-features = ["nix-command" "flakes"]; - builders-use-substitutes = true; - }; - }; -} diff --git a/hosts/eldrid/networking/network-manager.nix b/hosts/eldrid/networking/network-manager.nix deleted file mode 100644 index d4f8410..0000000 --- a/hosts/eldrid/networking/network-manager.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - networking = { - networkmanager = { - enable = true; - ethernet.macAddress = "stable"; - wifi = { - backend = "iwd"; - macAddress = "random"; - scanRandMacAddress = true; - }; - }; - wireless.iwd = { - enable = true; - settings = { - General.AddressRandomization = "network"; - Settings.AlwaysRandomizeAddress = true; - }; - }; - }; -} diff --git a/hosts/sarien/boot/default.nix b/hosts/sarien/boot/default.nix deleted file mode 100644 index 86f5df8..0000000 --- a/hosts/sarien/boot/default.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ - pkgs, - inputs, - ... -}: { - imports = with inputs; - [ - chaotic.nixosModules.default - lanzaboote.nixosModules.lanzaboote - ] - ++ [ - ./loader.nix - ]; - boot = { - # kernelPackages = pkgs.linuxPackages_latest; - plymouth.enable = true; - consoleLogLevel = 0; - kernelPackages = pkgs.linuxPackages_cachyos; - kernelParams = [ - "amd_iommu=force_isolation" - "debugfs=off" - "efi=disable_early_pci_dma" - "gather_data_sampling=force" - "intel_iommu=on" - "iommu.passthrough=0" - "iommu.strict=1" - "iommu=force" - "page_alloc.shuffle=1" - "vsyscall=none" - # "ia32_emulation=0" - # "lockdown=confidentiality" - # "module.sig_enforce=1" - ]; - initrd = { - systemd.enable = true; # needed for auto-unlocking with TPM - systemd.tpm2.enable = false; # no TPM - }; - }; -} diff --git a/hosts/sarien/boot/loader.nix b/hosts/sarien/boot/loader.nix deleted file mode 100644 index 7cd9220..0000000 --- a/hosts/sarien/boot/loader.nix +++ /dev/null @@ -1,15 +0,0 @@ -{config, ...}: { - boot = { - lanzaboote = { - enable = false; - pkiBundle = "/var/lib/sbctl"; - }; - loader = { - efi.canTouchEfiVariables = true; - systemd-boot = { - enable = !config.boot.lanzaboote.enable; - consoleMode = "auto"; - }; - }; - }; -} diff --git a/hosts/sarien/configuration.nix b/hosts/sarien/configuration.nix index 7ff7173..d181cd6 100644 --- a/hosts/sarien/configuration.nix +++ b/hosts/sarien/configuration.nix @@ -6,20 +6,22 @@ imports = with inputs; [ self.nixosModules.desktop self.nixosModules.system - ./boot + self.nixosModules.config ./disko ./hardware - ./networking - ./nix - ../dunamis/programs.nix - ../dunamis/services.nix - ../dunamis/sops.nix - ../dunamis/users.nix ]; + networking = { + hostId = "31150fae"; + hostName = "sarien"; + }; + system.stateVersion = "25.05"; time.timeZone = "Europe/Kyiv"; + module.config = { + useIwd = true; + }; module.stylix = { enable = true; theme = "helios"; diff --git a/hosts/sarien/hardware/default.nix b/hosts/sarien/hardware/default.nix index 1e51875..05c884c 100644 --- a/hosts/sarien/hardware/default.nix +++ b/hosts/sarien/hardware/default.nix @@ -1,8 +1,6 @@ { imports = [ - ./facter.nix ./laptop - ./vaapi/intel-media-driver.nix ]; services = { logind = { diff --git a/hosts/sarien/hardware/facter.nix b/hosts/sarien/hardware/facter.nix deleted file mode 100644 index 38bc812..0000000 --- a/hosts/sarien/hardware/facter.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ - config, - inputs, - ... -}: let - inherit (inputs) mysecrets; - inherit (config.networking) hostName; -in { - imports = with inputs; [ - nixos-facter-modules.nixosModules.facter - ]; - facter.reportPath = "${mysecrets}/facter/${hostName}.json"; - systemd.network.wait-online.enable = false; -} diff --git a/hosts/sarien/hardware/vaapi/intel-media-driver.nix b/hosts/sarien/hardware/vaapi/intel-media-driver.nix deleted file mode 100644 index de3af0f..0000000 --- a/hosts/sarien/hardware/vaapi/intel-media-driver.nix +++ /dev/null @@ -1,7 +0,0 @@ -{pkgs, ...}: { - hardware.graphics.extraPackages = with pkgs; [ - intel-compute-runtime - intel-media-driver - vpl-gpu-rt - ]; -} diff --git a/hosts/sarien/networking/default.nix b/hosts/sarien/networking/default.nix deleted file mode 100644 index b3b9990..0000000 --- a/hosts/sarien/networking/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ - imports = [ - ./network-manager.nix - ./host-name-id.nix - ]; - networking = { - hosts = import ./hosts.nix; - }; -} diff --git a/hosts/sarien/networking/host-name-id.nix b/hosts/sarien/networking/host-name-id.nix deleted file mode 100644 index 2e958c8..0000000 --- a/hosts/sarien/networking/host-name-id.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - networking = { - hostId = "31150fae"; - hostName = "sarien"; - }; -} diff --git a/hosts/sarien/networking/hosts.nix b/hosts/sarien/networking/hosts.nix deleted file mode 100644 index e45d310..0000000 --- a/hosts/sarien/networking/hosts.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - "192.168.1.42" = ["dunamis"]; -} diff --git a/hosts/sarien/nix/common.nix b/hosts/sarien/nix/common.nix deleted file mode 100644 index b435541..0000000 --- a/hosts/sarien/nix/common.nix +++ /dev/null @@ -1,11 +0,0 @@ -{pkgs, ...}: { - nix = { - package = pkgs.lixPackageSets.latest.lix; - channel.enable = false; - daemonCPUSchedPolicy = "idle"; - settings = { - experimental-features = ["nix-command" "flakes"]; - builders-use-substitutes = true; - }; - }; -} diff --git a/hosts/sarien/nix/default.nix b/hosts/sarien/nix/default.nix deleted file mode 100644 index 1042b61..0000000 --- a/hosts/sarien/nix/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - imports = [ - ./common.nix - ./substituters.nix - ./distributed-build.nix - ]; -} diff --git a/hosts/sarien/nix/distributed-build.nix b/hosts/sarien/nix/distributed-build.nix deleted file mode 100644 index b093581..0000000 --- a/hosts/sarien/nix/distributed-build.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ - config, - inputs, - ... -}: let - inherit (builtins) readFile; - inherit (config.networking) hostName; - inherit (config.sops) secrets; - inherit (inputs) mysecrets; - pubHost = readFile "${mysecrets}/ssh/ssh_host_ed25519_dunamis.base64"; -in { - nix = { - distributedBuilds = true; - buildMachines = [ - { - hostName = "dunamis"; - publicHostKey = pubHost; - sshKey = secrets."ssh-${hostName}-user".path; - sshUser = "nix-ssh"; - supportedFeatures = [ - "benchmark" - "big-parallel" - "kvm" - "nixos-test" - ]; - system = "x86_64-linux"; - } - ]; - }; -} diff --git a/hosts/sarien/nix/ssh-serve.nix b/hosts/sarien/nix/ssh-serve.nix deleted file mode 100644 index a730ef0..0000000 --- a/hosts/sarien/nix/ssh-serve.nix +++ /dev/null @@ -1,10 +0,0 @@ -{config, ...}: let - inherit (builtins) readFile; - inherit (config.users.users) user; -in { - nix.sshServe = { - enable = true; - write = true; - keys = map (f: readFile f) user.openssh.authorizedKeys.keyFiles; - }; -} diff --git a/hosts/sarien/nix/substituters.nix b/hosts/sarien/nix/substituters.nix deleted file mode 100644 index fd4d5c1..0000000 --- a/hosts/sarien/nix/substituters.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - nix.settings = { - substituters = [ - "https://cache.nixos.org/" - "https://chaotic-nyx.cachix.org/" - "https://cosmic.cachix.org/" - "https://nix-community.cachix.org/" - ]; - trusted-public-keys = [ - "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" - "chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8=" - "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - ]; - }; -} diff --git a/hosts/dunamis/boot/default.nix b/modules/nixos/config/boot/default.nix similarity index 77% rename from hosts/dunamis/boot/default.nix rename to modules/nixos/config/boot/default.nix index c9ec005..941b407 100644 --- a/hosts/dunamis/boot/default.nix +++ b/modules/nixos/config/boot/default.nix @@ -1,16 +1,14 @@ { + config, inputs, pkgs, ... }: { - imports = with inputs; - [ - chaotic.nixosModules.default - lanzaboote.nixosModules.lanzaboote - ] - ++ [ - ./loader.nix - ]; + imports = with inputs; [ + chaotic.nixosModules.default + ./loader.nix + ./lanzaboote.nix + ]; boot = { plymouth.enable = true; consoleLogLevel = 0; @@ -32,7 +30,7 @@ ]; initrd = { systemd.enable = true; # needed for auto-unlocking with TPM - systemd.tpm2.enable = true; + systemd.tpm2.enable = config.module.config.tpmDiskUnlock; }; }; } diff --git a/modules/nixos/config/boot/lanzaboote.nix b/modules/nixos/config/boot/lanzaboote.nix new file mode 100644 index 0000000..6907357 --- /dev/null +++ b/modules/nixos/config/boot/lanzaboote.nix @@ -0,0 +1,17 @@ +{ + config, + inputs, + lib, + ... +}: { + imports = with inputs; [ + lanzaboote.nixosModules.lanzaboote + ]; + boot = { + lanzaboote = { + enable = config.module.config.secureBoot; + pkiBundle = "/var/lib/sbctl"; + }; + loader.systemd-boot.enable = lib.mkDefault (!config.boot.lanzaboote.enable); + }; +} diff --git a/modules/nixos/config/boot/loader.nix b/modules/nixos/config/boot/loader.nix new file mode 100644 index 0000000..6487c29 --- /dev/null +++ b/modules/nixos/config/boot/loader.nix @@ -0,0 +1,15 @@ +{ + config, + lib, + ... +}: { + boot.loader = { + timeout = 3; + efi.canTouchEfiVariables = true; + systemd-boot = { + enable = true; + consoleMode = "auto"; + configurationLimit = lib.mkOverride 1337 10; + }; + }; +} diff --git a/modules/nixos/config/default.nix b/modules/nixos/config/default.nix new file mode 100644 index 0000000..1bef17c --- /dev/null +++ b/modules/nixos/config/default.nix @@ -0,0 +1,39 @@ +{ + config, + lib, + pkgs, + ... +}: let + inherit (lib) mkDefault mkEnableOption mkIf; + cfg = config.module.config; +in { + imports = [ + ./boot + ./hardware + ./networking + ./nix + ./programs.nix + ./services.nix + ./users.nix + ./sops.nix + ]; + options = { + module.config = { + tpmDiskUnlock = mkEnableOption "set if luks enrolled in tpm2"; + secureBoot = mkEnableOption "set if secure boot is configured"; + useIwd = mkEnableOption "set to use iwd instead of wpa-supplicant"; + vaapi = lib.mkOption { + type = lib.types.enum ["intel-media-driver"]; + default = "intel-media-driver"; + }; + }; + }; + config = mkIf (cfg.vaapi + == "intel-media-driver") { + hardware.graphics.extraPackages = with pkgs; [ + intel-compute-runtime + intel-media-driver + vpl-gpu-rt + ]; + }; +} diff --git a/hosts/dunamis/hardware/default.nix b/modules/nixos/config/hardware/default.nix similarity index 53% rename from hosts/dunamis/hardware/default.nix rename to modules/nixos/config/hardware/default.nix index 8d6b1c6..b28fad6 100644 --- a/hosts/dunamis/hardware/default.nix +++ b/modules/nixos/config/hardware/default.nix @@ -1,6 +1,5 @@ { imports = [ ./facter.nix - ./vaapi/intel-media-driver.nix ]; } diff --git a/hosts/dunamis/hardware/facter.nix b/modules/nixos/config/hardware/facter.nix similarity index 100% rename from hosts/dunamis/hardware/facter.nix rename to modules/nixos/config/hardware/facter.nix diff --git a/hosts/dunamis/networking/default.nix b/modules/nixos/config/networking/default.nix similarity index 61% rename from hosts/dunamis/networking/default.nix rename to modules/nixos/config/networking/default.nix index b3b9990..6f7407f 100644 --- a/hosts/dunamis/networking/default.nix +++ b/modules/nixos/config/networking/default.nix @@ -1,7 +1,6 @@ { imports = [ - ./network-manager.nix - ./host-name-id.nix + ./network-manager ]; networking = { hosts = import ./hosts.nix; diff --git a/hosts/dunamis/networking/hosts.nix b/modules/nixos/config/networking/hosts.nix similarity index 100% rename from hosts/dunamis/networking/hosts.nix rename to modules/nixos/config/networking/hosts.nix diff --git a/hosts/sarien/networking/network-manager.nix b/modules/nixos/config/networking/network-manager/default.nix similarity index 50% rename from hosts/sarien/networking/network-manager.nix rename to modules/nixos/config/networking/network-manager/default.nix index d4f8410..edc5e23 100644 --- a/hosts/sarien/networking/network-manager.nix +++ b/modules/nixos/config/networking/network-manager/default.nix @@ -1,20 +1,15 @@ { + imports = [ + ./wireless-iwd.nix + ]; networking = { networkmanager = { enable = true; ethernet.macAddress = "stable"; wifi = { - backend = "iwd"; macAddress = "random"; scanRandMacAddress = true; }; }; - wireless.iwd = { - enable = true; - settings = { - General.AddressRandomization = "network"; - Settings.AlwaysRandomizeAddress = true; - }; - }; }; } diff --git a/modules/nixos/config/networking/network-manager/wireless-iwd.nix b/modules/nixos/config/networking/network-manager/wireless-iwd.nix new file mode 100644 index 0000000..134652b --- /dev/null +++ b/modules/nixos/config/networking/network-manager/wireless-iwd.nix @@ -0,0 +1,15 @@ +{config, ...}: { + networking = { + networkmanager.wifi.backend = + if config.module.config.useIwd + then "iwd" + else "wpa_supplicant"; + wireless.iwd = { + enable = config.module.config.useIwd; + settings = { + General.AddressRandomization = "network"; + Settings.AlwaysRandomizeAddress = true; + }; + }; + }; +} diff --git a/modules/nixos/config/nix/common.nix b/modules/nixos/config/nix/common.nix new file mode 100644 index 0000000..78a2c60 --- /dev/null +++ b/modules/nixos/config/nix/common.nix @@ -0,0 +1,39 @@ +{ + pkgs, + lib, + ... +}: { + nix = { + package = pkgs.lixPackageSets.latest.lix; + channel.enable = false; + daemonCPUSchedPolicy = "idle"; + settings = { + experimental-features = [ + "nix-command" + "flakes" + # for container in builds support + "auto-allocate-uids" + "cgroups" + + # Enable the use of the fetchClosure built-in function in the Nix language. + "fetch-closure" + + # Allow derivation builders to call Nix, and thus build derivations recursively. + "recursive-nix" + + # Allow the use of the impure-env setting. + # "configurable-impure-env" + ]; + }; + }; + # no longer need to pre-allocate build users for everything + nix.settings.auto-allocate-uids = lib.mkDefault true; + # Needs a patch in Nix to work properly: https://github.com/NixOS/nix/pull/13135 + nix.settings.use-cgroups = true; + + # for container in builds support + nix.settings.system-features = + if lib.versionAtLeast lib.version "25.05pre" + then ["uid-range"] + else lib.mkDefault ["uid-range"]; +} diff --git a/hosts/dunamis/nix/default.nix b/modules/nixos/config/nix/default.nix similarity index 74% rename from hosts/dunamis/nix/default.nix rename to modules/nixos/config/nix/default.nix index eb98489..6131d4d 100644 --- a/hosts/dunamis/nix/default.nix +++ b/modules/nixos/config/nix/default.nix @@ -2,6 +2,6 @@ imports = [ ./common.nix ./substituters.nix - ./ssh-serve.nix + # ./ssh-serve.nix ]; } diff --git a/hosts/dunamis/nix/distributed-build.nix b/modules/nixos/config/nix/distributed-build.nix similarity index 100% rename from hosts/dunamis/nix/distributed-build.nix rename to modules/nixos/config/nix/distributed-build.nix diff --git a/hosts/dunamis/nix/ssh-serve.nix b/modules/nixos/config/nix/ssh-serve.nix similarity index 100% rename from hosts/dunamis/nix/ssh-serve.nix rename to modules/nixos/config/nix/ssh-serve.nix diff --git a/hosts/dunamis/nix/substituters.nix b/modules/nixos/config/nix/substituters.nix similarity index 100% rename from hosts/dunamis/nix/substituters.nix rename to modules/nixos/config/nix/substituters.nix diff --git a/hosts/dunamis/programs.nix b/modules/nixos/config/programs.nix similarity index 100% rename from hosts/dunamis/programs.nix rename to modules/nixos/config/programs.nix diff --git a/hosts/dunamis/services.nix b/modules/nixos/config/services.nix similarity index 100% rename from hosts/dunamis/services.nix rename to modules/nixos/config/services.nix diff --git a/hosts/dunamis/sops.nix b/modules/nixos/config/sops.nix similarity index 100% rename from hosts/dunamis/sops.nix rename to modules/nixos/config/sops.nix diff --git a/hosts/dunamis/users.nix b/modules/nixos/config/users.nix similarity index 100% rename from hosts/dunamis/users.nix rename to modules/nixos/config/users.nix diff --git a/modules/nixos/system/common.nix b/modules/nixos/system/common.nix index 03a0d16..35d1eac 100644 --- a/modules/nixos/system/common.nix +++ b/modules/nixos/system/common.nix @@ -1,5 +1,27 @@ -{ +{lib, ...}: { environment.variables = { LESS = "-R --mouse"; }; + + environment.ldso32 = null; + + boot.tmp.cleanOnBoot = lib.mkDefault true; + + services.openssh = { + settings.X11Forwarding = false; + settings.KbdInteractiveAuthentication = false; + settings.PasswordAuthentication = false; + settings.UseDns = false; + # unbind gnupg sockets if they exists + settings.StreamLocalBindUnlink = true; + + # Use key exchange algorithms recommended by `nixpkgs#ssh-audit` + settings.KexAlgorithms = [ + "curve25519-sha256" + "curve25519-sha256@libssh.org" + "diffie-hellman-group16-sha512" + "diffie-hellman-group18-sha512" + "sntrup761x25519-sha512@openssh.com" + ]; + }; } diff --git a/modules/nixos/system/misc/stylix/default.nix b/modules/nixos/system/misc/stylix/default.nix index a424f88..0da8e09 100644 --- a/modules/nixos/system/misc/stylix/default.nix +++ b/modules/nixos/system/misc/stylix/default.nix @@ -30,6 +30,18 @@ then pkgs.nerdfonts.override {fonts = ["JetBrainsMono"];} else pkgs.nerd-fonts.jetbrains-mono; + wallpapers = { + fern-outline = builtins.fetchurl { + url = "https://w.wallhaven.cc/full/p9/wallhaven-p9m7ve.png"; + name = "wallhaven-p9m7ve.png"; + sha256 = "0r7dl4fjwv2p5q5ggr4sjsl2h5m0s98k9qhiwkvmwi010lyffkx7"; + }; + mountains-pink = builtins.fetchurl { + url = "https://w.wallhaven.cc/full/yq/wallhaven-yq7gox.jpg"; + name = "wallhaven-yq7gox.jpg"; + sha256 = "09s31spp9mq71fgkl1w80nzdc1458p1gjfyi3y6fy14wj2dza0pj"; + }; + }; themes = { nord = { polarity = "dark"; @@ -134,6 +146,28 @@ size = 24; }; }; + himalaya = { + # lightly pink like himalayan salt + polarity = "light"; + scheme = "${pkgs.base16-schemes}/share/themes/atelier-plateau-light.yaml"; + wallpaper = wallpapers.mountains-pink; + + serif = { + package = interPackage; + name = "Inter Nerd Font"; + }; + + monospace = { + package = iosevkaTermPackage; + name = "IosevkaTerm Nerd Font Mono"; + }; + + cursor = { + package = pkgs.bibata-cursors; + name = "Bibata-Modern-Ice"; + size = 24; + }; + }; }; in { imports = with inputs; [